nextcloud /
server
@@ -42,266 +42,266 @@ |
||
| 42 | 42 | * @package OC\Security\Bruteforce |
| 43 | 43 | */ |
| 44 | 44 | class Throttler { |
| 45 | - const LOGIN_ACTION = 'login'; |
|
| 46 | - |
|
| 47 | - /** @var IDBConnection */ |
|
| 48 | - private $db; |
|
| 49 | - /** @var ITimeFactory */ |
|
| 50 | - private $timeFactory; |
|
| 51 | - /** @var ILogger */ |
|
| 52 | - private $logger; |
|
| 53 | - /** @var IConfig */ |
|
| 54 | - private $config; |
|
| 55 | - |
|
| 56 | - /** |
|
| 57 | - * @param IDBConnection $db |
|
| 58 | - * @param ITimeFactory $timeFactory |
|
| 59 | - * @param ILogger $logger |
|
| 60 | - * @param IConfig $config |
|
| 61 | - */ |
|
| 62 | - public function __construct(IDBConnection $db, |
|
| 63 | - ITimeFactory $timeFactory, |
|
| 64 | - ILogger $logger, |
|
| 65 | - IConfig $config) { |
|
| 66 | - $this->db = $db; |
|
| 67 | - $this->timeFactory = $timeFactory; |
|
| 68 | - $this->logger = $logger; |
|
| 69 | - $this->config = $config; |
|
| 70 | - } |
|
| 71 | - |
|
| 72 | - /** |
|
| 73 | - * Convert a number of seconds into the appropriate DateInterval |
|
| 74 | - * |
|
| 75 | - * @param int $expire |
|
| 76 | - * @return \DateInterval |
|
| 77 | - */ |
|
| 78 | - private function getCutoff($expire) { |
|
| 79 | - $d1 = new \DateTime(); |
|
| 80 | - $d2 = clone $d1; |
|
| 81 | - $d2->sub(new \DateInterval('PT' . $expire . 'S')); |
|
| 82 | - return $d2->diff($d1); |
|
| 83 | - } |
|
| 84 | - |
|
| 85 | - /** |
|
| 86 | - * Return the given subnet for an IPv4 address and mask bits |
|
| 87 | - * |
|
| 88 | - * @param string $ip |
|
| 89 | - * @param int $maskBits |
|
| 90 | - * @return string |
|
| 91 | - */ |
|
| 92 | - private function getIPv4Subnet($ip, |
|
| 93 | - $maskBits = 32) { |
|
| 94 | - $binary = \inet_pton($ip); |
|
| 95 | - for ($i = 32; $i > $maskBits; $i -= 8) { |
|
| 96 | - $j = \intdiv($i, 8) - 1; |
|
| 97 | - $k = (int) \min(8, $i - $maskBits); |
|
| 98 | - $mask = (0xff - ((pow(2, $k)) - 1)); |
|
| 99 | - $int = \unpack('C', $binary[$j]); |
|
| 100 | - $binary[$j] = \pack('C', $int[1] & $mask); |
|
| 101 | - } |
|
| 102 | - return \inet_ntop($binary).'/'.$maskBits; |
|
| 103 | - } |
|
| 104 | - |
|
| 105 | - /** |
|
| 106 | - * Return the given subnet for an IPv6 address and mask bits |
|
| 107 | - * |
|
| 108 | - * @param string $ip |
|
| 109 | - * @param int $maskBits |
|
| 110 | - * @return string |
|
| 111 | - */ |
|
| 112 | - private function getIPv6Subnet($ip, $maskBits = 48) { |
|
| 113 | - $binary = \inet_pton($ip); |
|
| 114 | - for ($i = 128; $i > $maskBits; $i -= 8) { |
|
| 115 | - $j = \intdiv($i, 8) - 1; |
|
| 116 | - $k = (int) \min(8, $i - $maskBits); |
|
| 117 | - $mask = (0xff - ((pow(2, $k)) - 1)); |
|
| 118 | - $int = \unpack('C', $binary[$j]); |
|
| 119 | - $binary[$j] = \pack('C', $int[1] & $mask); |
|
| 120 | - } |
|
| 121 | - return \inet_ntop($binary).'/'.$maskBits; |
|
| 122 | - } |
|
| 123 | - |
|
| 124 | - /** |
|
| 125 | - * Return the given subnet for an IP and the configured mask bits |
|
| 126 | - * |
|
| 127 | - * Determine if the IP is an IPv4 or IPv6 address, then pass to the correct |
|
| 128 | - * method for handling that specific type. |
|
| 129 | - * |
|
| 130 | - * @param string $ip |
|
| 131 | - * @return string |
|
| 132 | - */ |
|
| 133 | - private function getSubnet($ip) { |
|
| 134 | - if (\preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $ip)) { |
|
| 135 | - return $this->getIPv4Subnet( |
|
| 136 | - $ip, |
|
| 137 | - 32 |
|
| 138 | - ); |
|
| 139 | - } |
|
| 140 | - return $this->getIPv6Subnet( |
|
| 141 | - $ip, |
|
| 142 | - 128 |
|
| 143 | - ); |
|
| 144 | - } |
|
| 145 | - |
|
| 146 | - /** |
|
| 147 | - * Register a failed attempt to bruteforce a security control |
|
| 148 | - * |
|
| 149 | - * @param string $action |
|
| 150 | - * @param string $ip |
|
| 151 | - * @param array $metadata Optional metadata logged to the database |
|
| 152 | - */ |
|
| 153 | - public function registerAttempt($action, |
|
| 154 | - $ip, |
|
| 155 | - array $metadata = []) { |
|
| 156 | - // No need to log if the bruteforce protection is disabled |
|
| 157 | - if($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { |
|
| 158 | - return; |
|
| 159 | - } |
|
| 160 | - |
|
| 161 | - $values = [ |
|
| 162 | - 'action' => $action, |
|
| 163 | - 'occurred' => $this->timeFactory->getTime(), |
|
| 164 | - 'ip' => $ip, |
|
| 165 | - 'subnet' => $this->getSubnet($ip), |
|
| 166 | - 'metadata' => json_encode($metadata), |
|
| 167 | - ]; |
|
| 168 | - |
|
| 169 | - $this->logger->notice( |
|
| 170 | - sprintf( |
|
| 171 | - 'Bruteforce attempt from "%s" detected for action "%s".', |
|
| 172 | - $ip, |
|
| 173 | - $action |
|
| 174 | - ), |
|
| 175 | - [ |
|
| 176 | - 'app' => 'core', |
|
| 177 | - ] |
|
| 178 | - ); |
|
| 179 | - |
|
| 180 | - $qb = $this->db->getQueryBuilder(); |
|
| 181 | - $qb->insert('bruteforce_attempts'); |
|
| 182 | - foreach($values as $column => $value) { |
|
| 183 | - $qb->setValue($column, $qb->createNamedParameter($value)); |
|
| 184 | - } |
|
| 185 | - $qb->execute(); |
|
| 186 | - } |
|
| 187 | - |
|
| 188 | - /** |
|
| 189 | - * Check if the IP is whitelisted |
|
| 190 | - * |
|
| 191 | - * @param string $ip |
|
| 192 | - * @return bool |
|
| 193 | - */ |
|
| 194 | - private function isIPWhitelisted($ip) { |
|
| 195 | - $keys = $this->config->getAppKeys('bruteForce'); |
|
| 196 | - $keys = array_filter($keys, function($key) { |
|
| 197 | - $regex = '/^whitelist_/S'; |
|
| 198 | - return preg_match($regex, $key) === 1; |
|
| 199 | - }); |
|
| 200 | - |
|
| 201 | - if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { |
|
| 202 | - $type = 4; |
|
| 203 | - } else if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { |
|
| 204 | - $type = 6; |
|
| 205 | - } else { |
|
| 206 | - return false; |
|
| 207 | - } |
|
| 208 | - |
|
| 209 | - $ip = inet_pton($ip); |
|
| 210 | - |
|
| 211 | - foreach ($keys as $key) { |
|
| 212 | - $cidr = $this->config->getAppValue('bruteForce', $key, null); |
|
| 213 | - |
|
| 214 | - $cx = explode('/', $cidr); |
|
| 215 | - $addr = $cx[0]; |
|
| 216 | - $mask = (int)$cx[1]; |
|
| 217 | - |
|
| 218 | - // Do not compare ipv4 to ipv6 |
|
| 219 | - if (($type === 4 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) || |
|
| 220 | - ($type === 6 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))) { |
|
| 221 | - continue; |
|
| 222 | - } |
|
| 223 | - |
|
| 224 | - $addr = inet_pton($addr); |
|
| 225 | - |
|
| 226 | - $valid = true; |
|
| 227 | - for($i = 0; $i < $mask; $i++) { |
|
| 228 | - $part = ord($addr[(int)($i/8)]); |
|
| 229 | - $orig = ord($ip[(int)($i/8)]); |
|
| 230 | - |
|
| 231 | - $part = $part & (15 << (1 - ($i % 2))); |
|
| 232 | - $orig = $orig & (15 << (1 - ($i % 2))); |
|
| 233 | - |
|
| 234 | - if ($part !== $orig) { |
|
| 235 | - $valid = false; |
|
| 236 | - break; |
|
| 237 | - } |
|
| 238 | - } |
|
| 239 | - |
|
| 240 | - if ($valid === true) { |
|
| 241 | - return true; |
|
| 242 | - } |
|
| 243 | - } |
|
| 244 | - |
|
| 245 | - return false; |
|
| 246 | - |
|
| 247 | - } |
|
| 248 | - |
|
| 249 | - /** |
|
| 250 | - * Get the throttling delay (in milliseconds) |
|
| 251 | - * |
|
| 252 | - * @param string $ip |
|
| 253 | - * @param string $action optionally filter by action |
|
| 254 | - * @return int |
|
| 255 | - */ |
|
| 256 | - public function getDelay($ip, $action = '') { |
|
| 257 | - if ($this->isIPWhitelisted($ip)) { |
|
| 258 | - return 0; |
|
| 259 | - } |
|
| 260 | - |
|
| 261 | - $cutoffTime = (new \DateTime()) |
|
| 262 | - ->sub($this->getCutoff(43200)) |
|
| 263 | - ->getTimestamp(); |
|
| 264 | - |
|
| 265 | - $qb = $this->db->getQueryBuilder(); |
|
| 266 | - $qb->select('*') |
|
| 267 | - ->from('bruteforce_attempts') |
|
| 268 | - ->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime))) |
|
| 269 | - ->andWhere($qb->expr()->eq('subnet', $qb->createNamedParameter($this->getSubnet($ip)))); |
|
| 270 | - |
|
| 271 | - if ($action !== '') { |
|
| 272 | - $qb->andWhere($qb->expr()->eq('action', $qb->createNamedParameter($action))); |
|
| 273 | - } |
|
| 274 | - |
|
| 275 | - $attempts = count($qb->execute()->fetchAll()); |
|
| 276 | - |
|
| 277 | - if ($attempts === 0) { |
|
| 278 | - return 0; |
|
| 279 | - } |
|
| 280 | - |
|
| 281 | - $maxDelay = 30; |
|
| 282 | - $firstDelay = 0.1; |
|
| 283 | - if ($attempts > (8 * PHP_INT_SIZE - 1)) { |
|
| 284 | - // Don't ever overflow. Just assume the maxDelay time:s |
|
| 285 | - $firstDelay = $maxDelay; |
|
| 286 | - } else { |
|
| 287 | - $firstDelay *= pow(2, $attempts); |
|
| 288 | - if ($firstDelay > $maxDelay) { |
|
| 289 | - $firstDelay = $maxDelay; |
|
| 290 | - } |
|
| 291 | - } |
|
| 292 | - return (int) \ceil($firstDelay * 1000); |
|
| 293 | - } |
|
| 294 | - |
|
| 295 | - /** |
|
| 296 | - * Will sleep for the defined amount of time |
|
| 297 | - * |
|
| 298 | - * @param string $ip |
|
| 299 | - * @param string $action optionally filter by action |
|
| 300 | - * @return int the time spent sleeping |
|
| 301 | - */ |
|
| 302 | - public function sleepDelay($ip, $action = '') { |
|
| 303 | - $delay = $this->getDelay($ip, $action); |
|
| 304 | - usleep($delay * 1000); |
|
| 305 | - return $delay; |
|
| 306 | - } |
|
| 45 | + const LOGIN_ACTION = 'login'; |
|
| 46 | + |
|
| 47 | + /** @var IDBConnection */ |
|
| 48 | + private $db; |
|
| 49 | + /** @var ITimeFactory */ |
|
| 50 | + private $timeFactory; |
|
| 51 | + /** @var ILogger */ |
|
| 52 | + private $logger; |
|
| 53 | + /** @var IConfig */ |
|
| 54 | + private $config; |
|
| 55 | + |
|
| 56 | + /** |
|
| 57 | + * @param IDBConnection $db |
|
| 58 | + * @param ITimeFactory $timeFactory |
|
| 59 | + * @param ILogger $logger |
|
| 60 | + * @param IConfig $config |
|
| 61 | + */ |
|
| 62 | + public function __construct(IDBConnection $db, |
|
| 63 | + ITimeFactory $timeFactory, |
|
| 64 | + ILogger $logger, |
|
| 65 | + IConfig $config) { |
|
| 66 | + $this->db = $db; |
|
| 67 | + $this->timeFactory = $timeFactory; |
|
| 68 | + $this->logger = $logger; |
|
| 69 | + $this->config = $config; |
|
| 70 | + } |
|
| 71 | + |
|
| 72 | + /** |
|
| 73 | + * Convert a number of seconds into the appropriate DateInterval |
|
| 74 | + * |
|
| 75 | + * @param int $expire |
|
| 76 | + * @return \DateInterval |
|
| 77 | + */ |
|
| 78 | + private function getCutoff($expire) { |
|
| 79 | + $d1 = new \DateTime(); |
|
| 80 | + $d2 = clone $d1; |
|
| 81 | + $d2->sub(new \DateInterval('PT' . $expire . 'S')); |
|
| 82 | + return $d2->diff($d1); |
|
| 83 | + } |
|
| 84 | + |
|
| 85 | + /** |
|
| 86 | + * Return the given subnet for an IPv4 address and mask bits |
|
| 87 | + * |
|
| 88 | + * @param string $ip |
|
| 89 | + * @param int $maskBits |
|
| 90 | + * @return string |
|
| 91 | + */ |
|
| 92 | + private function getIPv4Subnet($ip, |
|
| 93 | + $maskBits = 32) { |
|
| 94 | + $binary = \inet_pton($ip); |
|
| 95 | + for ($i = 32; $i > $maskBits; $i -= 8) { |
|
| 96 | + $j = \intdiv($i, 8) - 1; |
|
| 97 | + $k = (int) \min(8, $i - $maskBits); |
|
| 98 | + $mask = (0xff - ((pow(2, $k)) - 1)); |
|
| 99 | + $int = \unpack('C', $binary[$j]); |
|
| 100 | + $binary[$j] = \pack('C', $int[1] & $mask); |
|
| 101 | + } |
|
| 102 | + return \inet_ntop($binary).'/'.$maskBits; |
|
| 103 | + } |
|
| 104 | + |
|
| 105 | + /** |
|
| 106 | + * Return the given subnet for an IPv6 address and mask bits |
|
| 107 | + * |
|
| 108 | + * @param string $ip |
|
| 109 | + * @param int $maskBits |
|
| 110 | + * @return string |
|
| 111 | + */ |
|
| 112 | + private function getIPv6Subnet($ip, $maskBits = 48) { |
|
| 113 | + $binary = \inet_pton($ip); |
|
| 114 | + for ($i = 128; $i > $maskBits; $i -= 8) { |
|
| 115 | + $j = \intdiv($i, 8) - 1; |
|
| 116 | + $k = (int) \min(8, $i - $maskBits); |
|
| 117 | + $mask = (0xff - ((pow(2, $k)) - 1)); |
|
| 118 | + $int = \unpack('C', $binary[$j]); |
|
| 119 | + $binary[$j] = \pack('C', $int[1] & $mask); |
|
| 120 | + } |
|
| 121 | + return \inet_ntop($binary).'/'.$maskBits; |
|
| 122 | + } |
|
| 123 | + |
|
| 124 | + /** |
|
| 125 | + * Return the given subnet for an IP and the configured mask bits |
|
| 126 | + * |
|
| 127 | + * Determine if the IP is an IPv4 or IPv6 address, then pass to the correct |
|
| 128 | + * method for handling that specific type. |
|
| 129 | + * |
|
| 130 | + * @param string $ip |
|
| 131 | + * @return string |
|
| 132 | + */ |
|
| 133 | + private function getSubnet($ip) { |
|
| 134 | + if (\preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $ip)) { |
|
| 135 | + return $this->getIPv4Subnet( |
|
| 136 | + $ip, |
|
| 137 | + 32 |
|
| 138 | + ); |
|
| 139 | + } |
|
| 140 | + return $this->getIPv6Subnet( |
|
| 141 | + $ip, |
|
| 142 | + 128 |
|
| 143 | + ); |
|
| 144 | + } |
|
| 145 | + |
|
| 146 | + /** |
|
| 147 | + * Register a failed attempt to bruteforce a security control |
|
| 148 | + * |
|
| 149 | + * @param string $action |
|
| 150 | + * @param string $ip |
|
| 151 | + * @param array $metadata Optional metadata logged to the database |
|
| 152 | + */ |
|
| 153 | + public function registerAttempt($action, |
|
| 154 | + $ip, |
|
| 155 | + array $metadata = []) { |
|
| 156 | + // No need to log if the bruteforce protection is disabled |
|
| 157 | + if($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { |
|
| 158 | + return; |
|
| 159 | + } |
|
| 160 | + |
|
| 161 | + $values = [ |
|
| 162 | + 'action' => $action, |
|
| 163 | + 'occurred' => $this->timeFactory->getTime(), |
|
| 164 | + 'ip' => $ip, |
|
| 165 | + 'subnet' => $this->getSubnet($ip), |
|
| 166 | + 'metadata' => json_encode($metadata), |
|
| 167 | + ]; |
|
| 168 | + |
|
| 169 | + $this->logger->notice( |
|
| 170 | + sprintf( |
|
| 171 | + 'Bruteforce attempt from "%s" detected for action "%s".', |
|
| 172 | + $ip, |
|
| 173 | + $action |
|
| 174 | + ), |
|
| 175 | + [ |
|
| 176 | + 'app' => 'core', |
|
| 177 | + ] |
|
| 178 | + ); |
|
| 179 | + |
|
| 180 | + $qb = $this->db->getQueryBuilder(); |
|
| 181 | + $qb->insert('bruteforce_attempts'); |
|
| 182 | + foreach($values as $column => $value) { |
|
| 183 | + $qb->setValue($column, $qb->createNamedParameter($value)); |
|
| 184 | + } |
|
| 185 | + $qb->execute(); |
|
| 186 | + } |
|
| 187 | + |
|
| 188 | + /** |
|
| 189 | + * Check if the IP is whitelisted |
|
| 190 | + * |
|
| 191 | + * @param string $ip |
|
| 192 | + * @return bool |
|
| 193 | + */ |
|
| 194 | + private function isIPWhitelisted($ip) { |
|
| 195 | + $keys = $this->config->getAppKeys('bruteForce'); |
|
| 196 | + $keys = array_filter($keys, function($key) { |
|
| 197 | + $regex = '/^whitelist_/S'; |
|
| 198 | + return preg_match($regex, $key) === 1; |
|
| 199 | + }); |
|
| 200 | + |
|
| 201 | + if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { |
|
| 202 | + $type = 4; |
|
| 203 | + } else if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { |
|
| 204 | + $type = 6; |
|
| 205 | + } else { |
|
| 206 | + return false; |
|
| 207 | + } |
|
| 208 | + |
|
| 209 | + $ip = inet_pton($ip); |
|
| 210 | + |
|
| 211 | + foreach ($keys as $key) { |
|
| 212 | + $cidr = $this->config->getAppValue('bruteForce', $key, null); |
|
| 213 | + |
|
| 214 | + $cx = explode('/', $cidr); |
|
| 215 | + $addr = $cx[0]; |
|
| 216 | + $mask = (int)$cx[1]; |
|
| 217 | + |
|
| 218 | + // Do not compare ipv4 to ipv6 |
|
| 219 | + if (($type === 4 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) || |
|
| 220 | + ($type === 6 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))) { |
|
| 221 | + continue; |
|
| 222 | + } |
|
| 223 | + |
|
| 224 | + $addr = inet_pton($addr); |
|
| 225 | + |
|
| 226 | + $valid = true; |
|
| 227 | + for($i = 0; $i < $mask; $i++) { |
|
| 228 | + $part = ord($addr[(int)($i/8)]); |
|
| 229 | + $orig = ord($ip[(int)($i/8)]); |
|
| 230 | + |
|
| 231 | + $part = $part & (15 << (1 - ($i % 2))); |
|
| 232 | + $orig = $orig & (15 << (1 - ($i % 2))); |
|
| 233 | + |
|
| 234 | + if ($part !== $orig) { |
|
| 235 | + $valid = false; |
|
| 236 | + break; |
|
| 237 | + } |
|
| 238 | + } |
|
| 239 | + |
|
| 240 | + if ($valid === true) { |
|
| 241 | + return true; |
|
| 242 | + } |
|
| 243 | + } |
|
| 244 | + |
|
| 245 | + return false; |
|
| 246 | + |
|
| 247 | + } |
|
| 248 | + |
|
| 249 | + /** |
|
| 250 | + * Get the throttling delay (in milliseconds) |
|
| 251 | + * |
|
| 252 | + * @param string $ip |
|
| 253 | + * @param string $action optionally filter by action |
|
| 254 | + * @return int |
|
| 255 | + */ |
|
| 256 | + public function getDelay($ip, $action = '') { |
|
| 257 | + if ($this->isIPWhitelisted($ip)) { |
|
| 258 | + return 0; |
|
| 259 | + } |
|
| 260 | + |
|
| 261 | + $cutoffTime = (new \DateTime()) |
|
| 262 | + ->sub($this->getCutoff(43200)) |
|
| 263 | + ->getTimestamp(); |
|
| 264 | + |
|
| 265 | + $qb = $this->db->getQueryBuilder(); |
|
| 266 | + $qb->select('*') |
|
| 267 | + ->from('bruteforce_attempts') |
|
| 268 | + ->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime))) |
|
| 269 | + ->andWhere($qb->expr()->eq('subnet', $qb->createNamedParameter($this->getSubnet($ip)))); |
|
| 270 | + |
|
| 271 | + if ($action !== '') { |
|
| 272 | + $qb->andWhere($qb->expr()->eq('action', $qb->createNamedParameter($action))); |
|
| 273 | + } |
|
| 274 | + |
|
| 275 | + $attempts = count($qb->execute()->fetchAll()); |
|
| 276 | + |
|
| 277 | + if ($attempts === 0) { |
|
| 278 | + return 0; |
|
| 279 | + } |
|
| 280 | + |
|
| 281 | + $maxDelay = 30; |
|
| 282 | + $firstDelay = 0.1; |
|
| 283 | + if ($attempts > (8 * PHP_INT_SIZE - 1)) { |
|
| 284 | + // Don't ever overflow. Just assume the maxDelay time:s |
|
| 285 | + $firstDelay = $maxDelay; |
|
| 286 | + } else { |
|
| 287 | + $firstDelay *= pow(2, $attempts); |
|
| 288 | + if ($firstDelay > $maxDelay) { |
|
| 289 | + $firstDelay = $maxDelay; |
|
| 290 | + } |
|
| 291 | + } |
|
| 292 | + return (int) \ceil($firstDelay * 1000); |
|
| 293 | + } |
|
| 294 | + |
|
| 295 | + /** |
|
| 296 | + * Will sleep for the defined amount of time |
|
| 297 | + * |
|
| 298 | + * @param string $ip |
|
| 299 | + * @param string $action optionally filter by action |
|
| 300 | + * @return int the time spent sleeping |
|
| 301 | + */ |
|
| 302 | + public function sleepDelay($ip, $action = '') { |
|
| 303 | + $delay = $this->getDelay($ip, $action); |
|
| 304 | + usleep($delay * 1000); |
|
| 305 | + return $delay; |
|
| 306 | + } |
|
| 307 | 307 | } |
@@ -78,7 +78,7 @@ discard block |
||
| 78 | 78 | private function getCutoff($expire) { |
| 79 | 79 | $d1 = new \DateTime(); |
| 80 | 80 | $d2 = clone $d1; |
| 81 | - $d2->sub(new \DateInterval('PT' . $expire . 'S')); |
|
| 81 | + $d2->sub(new \DateInterval('PT'.$expire.'S')); |
|
| 82 | 82 | return $d2->diff($d1); |
| 83 | 83 | } |
| 84 | 84 | |
@@ -154,7 +154,7 @@ discard block |
||
| 154 | 154 | $ip, |
| 155 | 155 | array $metadata = []) { |
| 156 | 156 | // No need to log if the bruteforce protection is disabled |
| 157 | - if($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { |
|
| 157 | + if ($this->config->getSystemValue('auth.bruteforce.protection.enabled', true) === false) { |
|
| 158 | 158 | return; |
| 159 | 159 | } |
| 160 | 160 | |
@@ -179,7 +179,7 @@ discard block |
||
| 179 | 179 | |
| 180 | 180 | $qb = $this->db->getQueryBuilder(); |
| 181 | 181 | $qb->insert('bruteforce_attempts'); |
| 182 | - foreach($values as $column => $value) { |
|
| 182 | + foreach ($values as $column => $value) { |
|
| 183 | 183 | $qb->setValue($column, $qb->createNamedParameter($value)); |
| 184 | 184 | } |
| 185 | 185 | $qb->execute(); |
@@ -213,7 +213,7 @@ discard block |
||
| 213 | 213 | |
| 214 | 214 | $cx = explode('/', $cidr); |
| 215 | 215 | $addr = $cx[0]; |
| 216 | - $mask = (int)$cx[1]; |
|
| 216 | + $mask = (int) $cx[1]; |
|
| 217 | 217 | |
| 218 | 218 | // Do not compare ipv4 to ipv6 |
| 219 | 219 | if (($type === 4 && !filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) || |
@@ -224,9 +224,9 @@ discard block |
||
| 224 | 224 | $addr = inet_pton($addr); |
| 225 | 225 | |
| 226 | 226 | $valid = true; |
| 227 | - for($i = 0; $i < $mask; $i++) { |
|
| 228 | - $part = ord($addr[(int)($i/8)]); |
|
| 229 | - $orig = ord($ip[(int)($i/8)]); |
|
| 227 | + for ($i = 0; $i < $mask; $i++) { |
|
| 228 | + $part = ord($addr[(int) ($i / 8)]); |
|
| 229 | + $orig = ord($ip[(int) ($i / 8)]); |
|
| 230 | 230 | |
| 231 | 231 | $part = $part & (15 << (1 - ($i % 2))); |
| 232 | 232 | $orig = $orig & (15 << (1 - ($i % 2))); |
@@ -280,7 +280,7 @@ discard block |
||
| 280 | 280 | |
| 281 | 281 | $maxDelay = 30; |
| 282 | 282 | $firstDelay = 0.1; |
| 283 | - if ($attempts > (8 * PHP_INT_SIZE - 1)) { |
|
| 283 | + if ($attempts > (8 * PHP_INT_SIZE - 1)) { |
|
| 284 | 284 | // Don't ever overflow. Just assume the maxDelay time:s |
| 285 | 285 | $firstDelay = $maxDelay; |
| 286 | 286 | } else { |
@@ -38,324 +38,324 @@ |
||
| 38 | 38 | use OCP\Settings\ISection; |
| 39 | 39 | |
| 40 | 40 | class Manager implements IManager { |
| 41 | - const TABLE_ADMIN_SETTINGS = 'admin_settings'; |
|
| 42 | - const TABLE_ADMIN_SECTIONS = 'admin_sections'; |
|
| 41 | + const TABLE_ADMIN_SETTINGS = 'admin_settings'; |
|
| 42 | + const TABLE_ADMIN_SECTIONS = 'admin_sections'; |
|
| 43 | 43 | |
| 44 | - /** @var ILogger */ |
|
| 45 | - private $log; |
|
| 46 | - /** @var IDBConnection */ |
|
| 47 | - private $dbc; |
|
| 48 | - /** @var Mapper */ |
|
| 49 | - private $mapper; |
|
| 50 | - /** @var IL10N */ |
|
| 51 | - private $l; |
|
| 52 | - /** @var IConfig */ |
|
| 53 | - private $config; |
|
| 54 | - /** @var EncryptionManager */ |
|
| 55 | - private $encryptionManager; |
|
| 56 | - /** @var IUserManager */ |
|
| 57 | - private $userManager; |
|
| 58 | - /** @var ILockingProvider */ |
|
| 59 | - private $lockingProvider; |
|
| 60 | - /** @var IRequest */ |
|
| 61 | - private $request; |
|
| 62 | - /** @var IURLGenerator */ |
|
| 63 | - private $url; |
|
| 44 | + /** @var ILogger */ |
|
| 45 | + private $log; |
|
| 46 | + /** @var IDBConnection */ |
|
| 47 | + private $dbc; |
|
| 48 | + /** @var Mapper */ |
|
| 49 | + private $mapper; |
|
| 50 | + /** @var IL10N */ |
|
| 51 | + private $l; |
|
| 52 | + /** @var IConfig */ |
|
| 53 | + private $config; |
|
| 54 | + /** @var EncryptionManager */ |
|
| 55 | + private $encryptionManager; |
|
| 56 | + /** @var IUserManager */ |
|
| 57 | + private $userManager; |
|
| 58 | + /** @var ILockingProvider */ |
|
| 59 | + private $lockingProvider; |
|
| 60 | + /** @var IRequest */ |
|
| 61 | + private $request; |
|
| 62 | + /** @var IURLGenerator */ |
|
| 63 | + private $url; |
|
| 64 | 64 | |
| 65 | - /** |
|
| 66 | - * @param ILogger $log |
|
| 67 | - * @param IDBConnection $dbc |
|
| 68 | - * @param IL10N $l |
|
| 69 | - * @param IConfig $config |
|
| 70 | - * @param EncryptionManager $encryptionManager |
|
| 71 | - * @param IUserManager $userManager |
|
| 72 | - * @param ILockingProvider $lockingProvider |
|
| 73 | - * @param IRequest $request |
|
| 74 | - * @param Mapper $mapper |
|
| 75 | - * @param IURLGenerator $url |
|
| 76 | - */ |
|
| 77 | - public function __construct( |
|
| 78 | - ILogger $log, |
|
| 79 | - IDBConnection $dbc, |
|
| 80 | - IL10N $l, |
|
| 81 | - IConfig $config, |
|
| 82 | - EncryptionManager $encryptionManager, |
|
| 83 | - IUserManager $userManager, |
|
| 84 | - ILockingProvider $lockingProvider, |
|
| 85 | - IRequest $request, |
|
| 86 | - Mapper $mapper, |
|
| 87 | - IURLGenerator $url |
|
| 88 | - ) { |
|
| 89 | - $this->log = $log; |
|
| 90 | - $this->dbc = $dbc; |
|
| 91 | - $this->mapper = $mapper; |
|
| 92 | - $this->l = $l; |
|
| 93 | - $this->config = $config; |
|
| 94 | - $this->encryptionManager = $encryptionManager; |
|
| 95 | - $this->userManager = $userManager; |
|
| 96 | - $this->lockingProvider = $lockingProvider; |
|
| 97 | - $this->request = $request; |
|
| 98 | - $this->url = $url; |
|
| 99 | - } |
|
| 65 | + /** |
|
| 66 | + * @param ILogger $log |
|
| 67 | + * @param IDBConnection $dbc |
|
| 68 | + * @param IL10N $l |
|
| 69 | + * @param IConfig $config |
|
| 70 | + * @param EncryptionManager $encryptionManager |
|
| 71 | + * @param IUserManager $userManager |
|
| 72 | + * @param ILockingProvider $lockingProvider |
|
| 73 | + * @param IRequest $request |
|
| 74 | + * @param Mapper $mapper |
|
| 75 | + * @param IURLGenerator $url |
|
| 76 | + */ |
|
| 77 | + public function __construct( |
|
| 78 | + ILogger $log, |
|
| 79 | + IDBConnection $dbc, |
|
| 80 | + IL10N $l, |
|
| 81 | + IConfig $config, |
|
| 82 | + EncryptionManager $encryptionManager, |
|
| 83 | + IUserManager $userManager, |
|
| 84 | + ILockingProvider $lockingProvider, |
|
| 85 | + IRequest $request, |
|
| 86 | + Mapper $mapper, |
|
| 87 | + IURLGenerator $url |
|
| 88 | + ) { |
|
| 89 | + $this->log = $log; |
|
| 90 | + $this->dbc = $dbc; |
|
| 91 | + $this->mapper = $mapper; |
|
| 92 | + $this->l = $l; |
|
| 93 | + $this->config = $config; |
|
| 94 | + $this->encryptionManager = $encryptionManager; |
|
| 95 | + $this->userManager = $userManager; |
|
| 96 | + $this->lockingProvider = $lockingProvider; |
|
| 97 | + $this->request = $request; |
|
| 98 | + $this->url = $url; |
|
| 99 | + } |
|
| 100 | 100 | |
| 101 | - /** |
|
| 102 | - * @inheritdoc |
|
| 103 | - */ |
|
| 104 | - public function setupSettings(array $settings) { |
|
| 105 | - if (isset($settings[IManager::KEY_ADMIN_SECTION])) { |
|
| 106 | - $this->setupAdminSection($settings[IManager::KEY_ADMIN_SECTION]); |
|
| 107 | - } |
|
| 108 | - if (isset($settings[IManager::KEY_ADMIN_SETTINGS])) { |
|
| 109 | - $this->setupAdminSettings($settings[IManager::KEY_ADMIN_SETTINGS]); |
|
| 110 | - } |
|
| 111 | - } |
|
| 101 | + /** |
|
| 102 | + * @inheritdoc |
|
| 103 | + */ |
|
| 104 | + public function setupSettings(array $settings) { |
|
| 105 | + if (isset($settings[IManager::KEY_ADMIN_SECTION])) { |
|
| 106 | + $this->setupAdminSection($settings[IManager::KEY_ADMIN_SECTION]); |
|
| 107 | + } |
|
| 108 | + if (isset($settings[IManager::KEY_ADMIN_SETTINGS])) { |
|
| 109 | + $this->setupAdminSettings($settings[IManager::KEY_ADMIN_SETTINGS]); |
|
| 110 | + } |
|
| 111 | + } |
|
| 112 | 112 | |
| 113 | - /** |
|
| 114 | - * attempts to remove an apps section and/or settings entry. A listener is |
|
| 115 | - * added centrally making sure that this method is called ones an app was |
|
| 116 | - * disabled. |
|
| 117 | - * |
|
| 118 | - * @param string $appId |
|
| 119 | - * @since 9.1.0 |
|
| 120 | - */ |
|
| 121 | - public function onAppDisabled($appId) { |
|
| 122 | - $appInfo = \OC_App::getAppInfo($appId); // hello static legacy |
|
| 113 | + /** |
|
| 114 | + * attempts to remove an apps section and/or settings entry. A listener is |
|
| 115 | + * added centrally making sure that this method is called ones an app was |
|
| 116 | + * disabled. |
|
| 117 | + * |
|
| 118 | + * @param string $appId |
|
| 119 | + * @since 9.1.0 |
|
| 120 | + */ |
|
| 121 | + public function onAppDisabled($appId) { |
|
| 122 | + $appInfo = \OC_App::getAppInfo($appId); // hello static legacy |
|
| 123 | 123 | |
| 124 | - if (isset($appInfo['settings'][IManager::KEY_ADMIN_SECTION])) { |
|
| 125 | - $this->mapper->remove(self::TABLE_ADMIN_SECTIONS, trim($appInfo['settings'][IManager::KEY_ADMIN_SECTION], '\\')); |
|
| 126 | - } |
|
| 127 | - if (isset($appInfo['settings'][IManager::KEY_ADMIN_SETTINGS])) { |
|
| 128 | - $this->mapper->remove(self::TABLE_ADMIN_SETTINGS, trim($appInfo['settings'][IManager::KEY_ADMIN_SETTINGS], '\\')); |
|
| 129 | - } |
|
| 130 | - } |
|
| 124 | + if (isset($appInfo['settings'][IManager::KEY_ADMIN_SECTION])) { |
|
| 125 | + $this->mapper->remove(self::TABLE_ADMIN_SECTIONS, trim($appInfo['settings'][IManager::KEY_ADMIN_SECTION], '\\')); |
|
| 126 | + } |
|
| 127 | + if (isset($appInfo['settings'][IManager::KEY_ADMIN_SETTINGS])) { |
|
| 128 | + $this->mapper->remove(self::TABLE_ADMIN_SETTINGS, trim($appInfo['settings'][IManager::KEY_ADMIN_SETTINGS], '\\')); |
|
| 129 | + } |
|
| 130 | + } |
|
| 131 | 131 | |
| 132 | - public function checkForOrphanedClassNames() { |
|
| 133 | - $tables = [self::TABLE_ADMIN_SECTIONS, self::TABLE_ADMIN_SETTINGS]; |
|
| 134 | - foreach ($tables as $table) { |
|
| 135 | - $classes = $this->mapper->getClasses($table); |
|
| 136 | - foreach ($classes as $className) { |
|
| 137 | - try { |
|
| 138 | - \OC::$server->query($className); |
|
| 139 | - } catch (QueryException $e) { |
|
| 140 | - $this->mapper->remove($table, $className); |
|
| 141 | - } |
|
| 142 | - } |
|
| 143 | - } |
|
| 144 | - } |
|
| 132 | + public function checkForOrphanedClassNames() { |
|
| 133 | + $tables = [self::TABLE_ADMIN_SECTIONS, self::TABLE_ADMIN_SETTINGS]; |
|
| 134 | + foreach ($tables as $table) { |
|
| 135 | + $classes = $this->mapper->getClasses($table); |
|
| 136 | + foreach ($classes as $className) { |
|
| 137 | + try { |
|
| 138 | + \OC::$server->query($className); |
|
| 139 | + } catch (QueryException $e) { |
|
| 140 | + $this->mapper->remove($table, $className); |
|
| 141 | + } |
|
| 142 | + } |
|
| 143 | + } |
|
| 144 | + } |
|
| 145 | 145 | |
| 146 | - /** |
|
| 147 | - * @param string $sectionClassName |
|
| 148 | - */ |
|
| 149 | - private function setupAdminSection($sectionClassName) { |
|
| 150 | - if (!class_exists($sectionClassName)) { |
|
| 151 | - $this->log->debug('Could not find admin section class ' . $sectionClassName); |
|
| 152 | - return; |
|
| 153 | - } |
|
| 154 | - try { |
|
| 155 | - $section = $this->query($sectionClassName); |
|
| 156 | - } catch (QueryException $e) { |
|
| 157 | - // cancel |
|
| 158 | - return; |
|
| 159 | - } |
|
| 146 | + /** |
|
| 147 | + * @param string $sectionClassName |
|
| 148 | + */ |
|
| 149 | + private function setupAdminSection($sectionClassName) { |
|
| 150 | + if (!class_exists($sectionClassName)) { |
|
| 151 | + $this->log->debug('Could not find admin section class ' . $sectionClassName); |
|
| 152 | + return; |
|
| 153 | + } |
|
| 154 | + try { |
|
| 155 | + $section = $this->query($sectionClassName); |
|
| 156 | + } catch (QueryException $e) { |
|
| 157 | + // cancel |
|
| 158 | + return; |
|
| 159 | + } |
|
| 160 | 160 | |
| 161 | - if (!$section instanceof ISection) { |
|
| 162 | - $this->log->error( |
|
| 163 | - 'Admin section instance must implement \OCP\ISection. Invalid class: {class}', |
|
| 164 | - ['class' => $sectionClassName] |
|
| 165 | - ); |
|
| 166 | - return; |
|
| 167 | - } |
|
| 168 | - if (!$this->hasAdminSection(get_class($section))) { |
|
| 169 | - $this->addAdminSection($section); |
|
| 170 | - } else { |
|
| 171 | - $this->updateAdminSection($section); |
|
| 172 | - } |
|
| 173 | - } |
|
| 161 | + if (!$section instanceof ISection) { |
|
| 162 | + $this->log->error( |
|
| 163 | + 'Admin section instance must implement \OCP\ISection. Invalid class: {class}', |
|
| 164 | + ['class' => $sectionClassName] |
|
| 165 | + ); |
|
| 166 | + return; |
|
| 167 | + } |
|
| 168 | + if (!$this->hasAdminSection(get_class($section))) { |
|
| 169 | + $this->addAdminSection($section); |
|
| 170 | + } else { |
|
| 171 | + $this->updateAdminSection($section); |
|
| 172 | + } |
|
| 173 | + } |
|
| 174 | 174 | |
| 175 | - private function addAdminSection(ISection $section) { |
|
| 176 | - $this->mapper->add(self::TABLE_ADMIN_SECTIONS, [ |
|
| 177 | - 'id' => $section->getID(), |
|
| 178 | - 'class' => get_class($section), |
|
| 179 | - 'priority' => $section->getPriority(), |
|
| 180 | - ]); |
|
| 181 | - } |
|
| 175 | + private function addAdminSection(ISection $section) { |
|
| 176 | + $this->mapper->add(self::TABLE_ADMIN_SECTIONS, [ |
|
| 177 | + 'id' => $section->getID(), |
|
| 178 | + 'class' => get_class($section), |
|
| 179 | + 'priority' => $section->getPriority(), |
|
| 180 | + ]); |
|
| 181 | + } |
|
| 182 | 182 | |
| 183 | - private function addAdminSettings(ISettings $settings) { |
|
| 184 | - $this->mapper->add(self::TABLE_ADMIN_SETTINGS, [ |
|
| 185 | - 'class' => get_class($settings), |
|
| 186 | - 'section' => $settings->getSection(), |
|
| 187 | - 'priority' => $settings->getPriority(), |
|
| 188 | - ]); |
|
| 189 | - } |
|
| 183 | + private function addAdminSettings(ISettings $settings) { |
|
| 184 | + $this->mapper->add(self::TABLE_ADMIN_SETTINGS, [ |
|
| 185 | + 'class' => get_class($settings), |
|
| 186 | + 'section' => $settings->getSection(), |
|
| 187 | + 'priority' => $settings->getPriority(), |
|
| 188 | + ]); |
|
| 189 | + } |
|
| 190 | 190 | |
| 191 | - private function updateAdminSettings(ISettings $settings) { |
|
| 192 | - $this->mapper->update( |
|
| 193 | - self::TABLE_ADMIN_SETTINGS, |
|
| 194 | - 'class', |
|
| 195 | - get_class($settings), |
|
| 196 | - [ |
|
| 197 | - 'section' => $settings->getSection(), |
|
| 198 | - 'priority' => $settings->getPriority(), |
|
| 199 | - ] |
|
| 200 | - ); |
|
| 201 | - } |
|
| 191 | + private function updateAdminSettings(ISettings $settings) { |
|
| 192 | + $this->mapper->update( |
|
| 193 | + self::TABLE_ADMIN_SETTINGS, |
|
| 194 | + 'class', |
|
| 195 | + get_class($settings), |
|
| 196 | + [ |
|
| 197 | + 'section' => $settings->getSection(), |
|
| 198 | + 'priority' => $settings->getPriority(), |
|
| 199 | + ] |
|
| 200 | + ); |
|
| 201 | + } |
|
| 202 | 202 | |
| 203 | - private function updateAdminSection(ISection $section) { |
|
| 204 | - $this->mapper->update( |
|
| 205 | - self::TABLE_ADMIN_SECTIONS, |
|
| 206 | - 'class', |
|
| 207 | - get_class($section), |
|
| 208 | - [ |
|
| 209 | - 'id' => $section->getID(), |
|
| 210 | - 'priority' => $section->getPriority(), |
|
| 211 | - ] |
|
| 212 | - ); |
|
| 213 | - } |
|
| 203 | + private function updateAdminSection(ISection $section) { |
|
| 204 | + $this->mapper->update( |
|
| 205 | + self::TABLE_ADMIN_SECTIONS, |
|
| 206 | + 'class', |
|
| 207 | + get_class($section), |
|
| 208 | + [ |
|
| 209 | + 'id' => $section->getID(), |
|
| 210 | + 'priority' => $section->getPriority(), |
|
| 211 | + ] |
|
| 212 | + ); |
|
| 213 | + } |
|
| 214 | 214 | |
| 215 | - /** |
|
| 216 | - * @param string $className |
|
| 217 | - * @return bool |
|
| 218 | - */ |
|
| 219 | - private function hasAdminSection($className) { |
|
| 220 | - return $this->mapper->has(self::TABLE_ADMIN_SECTIONS, $className); |
|
| 221 | - } |
|
| 215 | + /** |
|
| 216 | + * @param string $className |
|
| 217 | + * @return bool |
|
| 218 | + */ |
|
| 219 | + private function hasAdminSection($className) { |
|
| 220 | + return $this->mapper->has(self::TABLE_ADMIN_SECTIONS, $className); |
|
| 221 | + } |
|
| 222 | 222 | |
| 223 | - /** |
|
| 224 | - * @param string $className |
|
| 225 | - * @return bool |
|
| 226 | - */ |
|
| 227 | - private function hasAdminSettings($className) { |
|
| 228 | - return $this->mapper->has(self::TABLE_ADMIN_SETTINGS, $className); |
|
| 229 | - } |
|
| 223 | + /** |
|
| 224 | + * @param string $className |
|
| 225 | + * @return bool |
|
| 226 | + */ |
|
| 227 | + private function hasAdminSettings($className) { |
|
| 228 | + return $this->mapper->has(self::TABLE_ADMIN_SETTINGS, $className); |
|
| 229 | + } |
|
| 230 | 230 | |
| 231 | - private function setupAdminSettings($settingsClassName) { |
|
| 232 | - if (!class_exists($settingsClassName)) { |
|
| 233 | - $this->log->debug('Could not find admin section class ' . $settingsClassName); |
|
| 234 | - return; |
|
| 235 | - } |
|
| 231 | + private function setupAdminSettings($settingsClassName) { |
|
| 232 | + if (!class_exists($settingsClassName)) { |
|
| 233 | + $this->log->debug('Could not find admin section class ' . $settingsClassName); |
|
| 234 | + return; |
|
| 235 | + } |
|
| 236 | 236 | |
| 237 | - try { |
|
| 238 | - /** @var ISettings $settings */ |
|
| 239 | - $settings = $this->query($settingsClassName); |
|
| 240 | - } catch (QueryException $e) { |
|
| 241 | - // cancel |
|
| 242 | - return; |
|
| 243 | - } |
|
| 237 | + try { |
|
| 238 | + /** @var ISettings $settings */ |
|
| 239 | + $settings = $this->query($settingsClassName); |
|
| 240 | + } catch (QueryException $e) { |
|
| 241 | + // cancel |
|
| 242 | + return; |
|
| 243 | + } |
|
| 244 | 244 | |
| 245 | - if (!$settings instanceof ISettings) { |
|
| 246 | - $this->log->error( |
|
| 247 | - 'Admin section instance must implement \OCP\Settings\ISection. Invalid class: {class}', |
|
| 248 | - ['class' => $settingsClassName] |
|
| 249 | - ); |
|
| 250 | - return; |
|
| 251 | - } |
|
| 252 | - if (!$this->hasAdminSettings(get_class($settings))) { |
|
| 253 | - $this->addAdminSettings($settings); |
|
| 254 | - } else { |
|
| 255 | - $this->updateAdminSettings($settings); |
|
| 256 | - } |
|
| 257 | - } |
|
| 245 | + if (!$settings instanceof ISettings) { |
|
| 246 | + $this->log->error( |
|
| 247 | + 'Admin section instance must implement \OCP\Settings\ISection. Invalid class: {class}', |
|
| 248 | + ['class' => $settingsClassName] |
|
| 249 | + ); |
|
| 250 | + return; |
|
| 251 | + } |
|
| 252 | + if (!$this->hasAdminSettings(get_class($settings))) { |
|
| 253 | + $this->addAdminSettings($settings); |
|
| 254 | + } else { |
|
| 255 | + $this->updateAdminSettings($settings); |
|
| 256 | + } |
|
| 257 | + } |
|
| 258 | 258 | |
| 259 | - private function query($className) { |
|
| 260 | - try { |
|
| 261 | - return \OC::$server->query($className); |
|
| 262 | - } catch (QueryException $e) { |
|
| 263 | - $this->log->logException($e); |
|
| 264 | - throw $e; |
|
| 265 | - } |
|
| 266 | - } |
|
| 259 | + private function query($className) { |
|
| 260 | + try { |
|
| 261 | + return \OC::$server->query($className); |
|
| 262 | + } catch (QueryException $e) { |
|
| 263 | + $this->log->logException($e); |
|
| 264 | + throw $e; |
|
| 265 | + } |
|
| 266 | + } |
|
| 267 | 267 | |
| 268 | - /** |
|
| 269 | - * @inheritdoc |
|
| 270 | - */ |
|
| 271 | - public function getAdminSections() { |
|
| 272 | - // built-in sections |
|
| 273 | - $sections = [ |
|
| 274 | - 0 => [new Section('server', $this->l->t('Server settings'), 0, $this->url->imagePath('settings', 'admin.svg'))], |
|
| 275 | - 5 => [new Section('sharing', $this->l->t('Sharing'), 0, $this->url->imagePath('core', 'actions/share.svg'))], |
|
| 276 | - 10 => [new Section('security', $this->l->t('Security'), 0, $this->url->imagePath('core', 'actions/password.svg'))], |
|
| 277 | - 45 => [new Section('encryption', $this->l->t('Encryption'), 0, $this->url->imagePath('core', 'actions/password.svg'))], |
|
| 278 | - 98 => [new Section('additional', $this->l->t('Additional settings'), 0, $this->url->imagePath('core', 'actions/settings-dark.svg'))], |
|
| 279 | - 99 => [new Section('tips-tricks', $this->l->t('Tips & tricks'), 0, $this->url->imagePath('settings', 'help.svg'))], |
|
| 280 | - ]; |
|
| 268 | + /** |
|
| 269 | + * @inheritdoc |
|
| 270 | + */ |
|
| 271 | + public function getAdminSections() { |
|
| 272 | + // built-in sections |
|
| 273 | + $sections = [ |
|
| 274 | + 0 => [new Section('server', $this->l->t('Server settings'), 0, $this->url->imagePath('settings', 'admin.svg'))], |
|
| 275 | + 5 => [new Section('sharing', $this->l->t('Sharing'), 0, $this->url->imagePath('core', 'actions/share.svg'))], |
|
| 276 | + 10 => [new Section('security', $this->l->t('Security'), 0, $this->url->imagePath('core', 'actions/password.svg'))], |
|
| 277 | + 45 => [new Section('encryption', $this->l->t('Encryption'), 0, $this->url->imagePath('core', 'actions/password.svg'))], |
|
| 278 | + 98 => [new Section('additional', $this->l->t('Additional settings'), 0, $this->url->imagePath('core', 'actions/settings-dark.svg'))], |
|
| 279 | + 99 => [new Section('tips-tricks', $this->l->t('Tips & tricks'), 0, $this->url->imagePath('settings', 'help.svg'))], |
|
| 280 | + ]; |
|
| 281 | 281 | |
| 282 | - $rows = $this->mapper->getAdminSectionsFromDB(); |
|
| 282 | + $rows = $this->mapper->getAdminSectionsFromDB(); |
|
| 283 | 283 | |
| 284 | - foreach ($rows as $row) { |
|
| 285 | - if (!isset($sections[$row['priority']])) { |
|
| 286 | - $sections[$row['priority']] = []; |
|
| 287 | - } |
|
| 288 | - try { |
|
| 289 | - $sections[$row['priority']][] = $this->query($row['class']); |
|
| 290 | - } catch (QueryException $e) { |
|
| 291 | - // skip |
|
| 292 | - } |
|
| 293 | - } |
|
| 284 | + foreach ($rows as $row) { |
|
| 285 | + if (!isset($sections[$row['priority']])) { |
|
| 286 | + $sections[$row['priority']] = []; |
|
| 287 | + } |
|
| 288 | + try { |
|
| 289 | + $sections[$row['priority']][] = $this->query($row['class']); |
|
| 290 | + } catch (QueryException $e) { |
|
| 291 | + // skip |
|
| 292 | + } |
|
| 293 | + } |
|
| 294 | 294 | |
| 295 | - ksort($sections); |
|
| 295 | + ksort($sections); |
|
| 296 | 296 | |
| 297 | - return $sections; |
|
| 298 | - } |
|
| 297 | + return $sections; |
|
| 298 | + } |
|
| 299 | 299 | |
| 300 | - /** |
|
| 301 | - * @param string $section |
|
| 302 | - * @return ISection[] |
|
| 303 | - */ |
|
| 304 | - private function getBuiltInAdminSettings($section) { |
|
| 305 | - $forms = []; |
|
| 306 | - try { |
|
| 307 | - if ($section === 'server') { |
|
| 308 | - /** @var ISettings $form */ |
|
| 309 | - $form = new Admin\Server($this->dbc, $this->request, $this->config, $this->lockingProvider, $this->l); |
|
| 310 | - $forms[$form->getPriority()] = [$form]; |
|
| 311 | - $form = new Admin\ServerDevNotice(); |
|
| 312 | - $forms[$form->getPriority()] = [$form]; |
|
| 313 | - } |
|
| 314 | - if ($section === 'encryption') { |
|
| 315 | - /** @var ISettings $form */ |
|
| 316 | - $form = new Admin\Encryption($this->encryptionManager, $this->userManager); |
|
| 317 | - $forms[$form->getPriority()] = [$form]; |
|
| 318 | - } |
|
| 319 | - if ($section === 'sharing') { |
|
| 320 | - /** @var ISettings $form */ |
|
| 321 | - $form = new Admin\Sharing($this->config); |
|
| 322 | - $forms[$form->getPriority()] = [$form]; |
|
| 323 | - } |
|
| 324 | - if ($section === 'additional') { |
|
| 325 | - /** @var ISettings $form */ |
|
| 326 | - $form = new Admin\Additional($this->config); |
|
| 327 | - $forms[$form->getPriority()] = [$form]; |
|
| 328 | - } |
|
| 329 | - if ($section === 'tips-tricks') { |
|
| 330 | - /** @var ISettings $form */ |
|
| 331 | - $form = new Admin\TipsTricks($this->config); |
|
| 332 | - $forms[$form->getPriority()] = [$form]; |
|
| 333 | - } |
|
| 334 | - } catch (QueryException $e) { |
|
| 335 | - // skip |
|
| 336 | - } |
|
| 337 | - return $forms; |
|
| 338 | - } |
|
| 300 | + /** |
|
| 301 | + * @param string $section |
|
| 302 | + * @return ISection[] |
|
| 303 | + */ |
|
| 304 | + private function getBuiltInAdminSettings($section) { |
|
| 305 | + $forms = []; |
|
| 306 | + try { |
|
| 307 | + if ($section === 'server') { |
|
| 308 | + /** @var ISettings $form */ |
|
| 309 | + $form = new Admin\Server($this->dbc, $this->request, $this->config, $this->lockingProvider, $this->l); |
|
| 310 | + $forms[$form->getPriority()] = [$form]; |
|
| 311 | + $form = new Admin\ServerDevNotice(); |
|
| 312 | + $forms[$form->getPriority()] = [$form]; |
|
| 313 | + } |
|
| 314 | + if ($section === 'encryption') { |
|
| 315 | + /** @var ISettings $form */ |
|
| 316 | + $form = new Admin\Encryption($this->encryptionManager, $this->userManager); |
|
| 317 | + $forms[$form->getPriority()] = [$form]; |
|
| 318 | + } |
|
| 319 | + if ($section === 'sharing') { |
|
| 320 | + /** @var ISettings $form */ |
|
| 321 | + $form = new Admin\Sharing($this->config); |
|
| 322 | + $forms[$form->getPriority()] = [$form]; |
|
| 323 | + } |
|
| 324 | + if ($section === 'additional') { |
|
| 325 | + /** @var ISettings $form */ |
|
| 326 | + $form = new Admin\Additional($this->config); |
|
| 327 | + $forms[$form->getPriority()] = [$form]; |
|
| 328 | + } |
|
| 329 | + if ($section === 'tips-tricks') { |
|
| 330 | + /** @var ISettings $form */ |
|
| 331 | + $form = new Admin\TipsTricks($this->config); |
|
| 332 | + $forms[$form->getPriority()] = [$form]; |
|
| 333 | + } |
|
| 334 | + } catch (QueryException $e) { |
|
| 335 | + // skip |
|
| 336 | + } |
|
| 337 | + return $forms; |
|
| 338 | + } |
|
| 339 | 339 | |
| 340 | - /** |
|
| 341 | - * @inheritdoc |
|
| 342 | - */ |
|
| 343 | - public function getAdminSettings($section) { |
|
| 344 | - $settings = $this->getBuiltInAdminSettings($section); |
|
| 345 | - $dbRows = $this->mapper->getAdminSettingsFromDB($section); |
|
| 340 | + /** |
|
| 341 | + * @inheritdoc |
|
| 342 | + */ |
|
| 343 | + public function getAdminSettings($section) { |
|
| 344 | + $settings = $this->getBuiltInAdminSettings($section); |
|
| 345 | + $dbRows = $this->mapper->getAdminSettingsFromDB($section); |
|
| 346 | 346 | |
| 347 | - foreach ($dbRows as $row) { |
|
| 348 | - if (!isset($settings[$row['priority']])) { |
|
| 349 | - $settings[$row['priority']] = []; |
|
| 350 | - } |
|
| 351 | - try { |
|
| 352 | - $settings[$row['priority']][] = $this->query($row['class']); |
|
| 353 | - } catch (QueryException $e) { |
|
| 354 | - // skip |
|
| 355 | - } |
|
| 356 | - } |
|
| 347 | + foreach ($dbRows as $row) { |
|
| 348 | + if (!isset($settings[$row['priority']])) { |
|
| 349 | + $settings[$row['priority']] = []; |
|
| 350 | + } |
|
| 351 | + try { |
|
| 352 | + $settings[$row['priority']][] = $this->query($row['class']); |
|
| 353 | + } catch (QueryException $e) { |
|
| 354 | + // skip |
|
| 355 | + } |
|
| 356 | + } |
|
| 357 | 357 | |
| 358 | - ksort($settings); |
|
| 359 | - return $settings; |
|
| 360 | - } |
|
| 358 | + ksort($settings); |
|
| 359 | + return $settings; |
|
| 360 | + } |
|
| 361 | 361 | } |
